Miembros de
Boletines de Vulnerabilidades |
IBM Security Bulletin: File path traversal vulnerability in IBM Business Process Manager (BPM) and WebSphere Lombardi Edition (WLE) (CVE-2015-1884) |
|
Información sobre el sistema |
|
| Software afectado | IBM |
Descripción |
|
|
IBM Business Proccess Manager and WebSphere Lombardi Edition are vulnerable to file path traversal. Due to insufficient input parameter validation files can be downloaded by authenticated attackers using specially crafted URLs. CVE(s): CVE-2015-1884 Affected product(s) and affected version(s): IBM Business Process Manager Standard V7.5.x through V8.5.5.0 IBM Business Process Manager Express V7.5.x through V8.5.5.0 IBM Business Process Manager Advanced V7.5.x through V8.5.5.0 More info: https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_file_path_traversal_vulnerability_in_ibm_business_process_manager_bpm_and_websphere_lombardi_edition_wle_cve_2015_1884?lang=en_us |
|
Identificadores estándar |
|
| Propiedad | Valor |
| CVE | CVE-2015-1884 ,CVE-2014-3600 ,CVE-2014-3612 ,CVE-2014-8110 ,CVE-2014-3579 ,CVE-2015-0127 ,CVE-2015-0126 ,CVE-2015-0115 ,CVE-2015-0131 ,CVE-2015-0116 ,CVE-2014-8730 and CVE-2015-4000. |
Histórico de versiones |
||
| Versión | Comentario | Fecha |
| 1.0 | Advisory issued | 2015-06-24 |